New cybersecurity alliance forms to develop OT guidelines

ABB and other leaders in the field of industrial cybersecurity have joined together in a new alliance to provide a technical and organisational framework for safe and secure operational technology (OT).

The Operational Technology Cyber Security Alliance (OTCSA) aims to bridge dangerous gaps in security for OT and critical infrastructures and industrial control systems (ICS). Industry leaders Check Point Software, BlackBerry Cylance, Forescout, Fortinet, Microsoft, Mocana, NCC Group, Qualys, SCADAFence, Splunk and Wärtsilä have partnered with ABB to establish the OTCSA.

The OTCSA collaboration will focus on five main areas:

  • strengthening cyber-physical risk posture of OT environments and interfaces for OT/IT interconnectivity;
  • guiding OT operators on how to protect their OT infrastructure based on a risk management process and reference architectures/designs which are demonstrably compliant with regulations and international standards such as IEC 62443;
  • guiding OT suppliers on secure OT system architectures, relevant interfaces and security functionalities;
  • supporting the procurement, development, installation, operation, maintenance, and implementation of a safer, more secure critical infrastructure; and
  • shortening the time to adoption of safer, more secure critical infrastructures.

 

The OTCSA will reportedly develop architectural, implementation, and process guidelines for OT operators and IT/OT solution providers so that they can navigate necessary changes, upgrades and integrations to evolving industry standards and regulations. The guidelines will cover the entire lifecycle – across procurement, development, deployment, installation, operation, maintenance and decommission – and address aspects related to people, process, and technology.

ABB chief security officer Satish Gannu said that effective protection against threats to critical infrastructures and industrial control systems was essential in preventing negative financial and environmental impacts.

“Industry collaboration to establish architectural, implementation and process guidelines is required to quickly advance the posture of OT, which is already a decade behind IT when it comes to security,” Gannu said.

“We are confident the OTCSA will deliver a framework for much-needed solutions, at a time when industrial customers live in a world of increasingly sophisticated threats, putting organisations at risk of potentially catastrophic losses.”